The year that shook the world

708 views

Published on

Trend Micro presents at The Future of Cyber Security 2012, Canary Wharf 19-Mar-12

In 2011, consumerization became main stream while APTs and cyber-attacks on physical infrastructure hit the front pages. So what about 2012? Increasingly sophisticated attackers will focus beyond the PC-centric desktop. Pressured IT teams will continue Virtualisation and Cloud initiatives while tackling concerns about security, resources and ROI. This session explains how to optimise defences across tomorrows' heterogeneous environments, while increasing efficiency.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
708
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

The year that shook the world

  1. 1. 2011 – The year that shook the worldWhat’s next? Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 1
  2. 2. On the Radar… Service Growth Cloud? APT Virtualisation Consumerisation Copyright 2009 Trend Micro Inc.
  3. 3. APTGetting on the same page Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 3
  4. 4. Four stages of an attack Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 4
  5. 5. Four stages of an attack Game we thought we’d won Perimeter Security Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 5
  6. 6. Four stages of an attack Game we thought we’d won But the rules changed Mass random attacks became Perimeter Security unique, targeted and focused Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 6
  7. 7. Hands in the air….… put them down when you hear anattack that could affect you… Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 7
  8. 8. Random and Commonhttp://countermeasures.trendmicro.eu/facebook-419/ Source: http://en.wikipedia.org/wiki/File:PhishingTrustedBank.png Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 8
  9. 9. In the balanceSource: http://blog.trendmicro.com/fake-version-of-temple-run-unearthed-in-the-wild/ Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 9
  10. 10. What’s your threshold?You wouldn’t click on a random link… LinkedIn Andy Dancer has indicated you are a Friend I saw you attended my presentation at RSA today. I hope you found that useful and I wanted to reach out and connect in case you wanted any more information? - Andy Dancer …but what about something you were Accept View invitation from Andy Dancer expecting…? WHY MIGHT CONNECTING WITH ANDY DANCER BE A GOOD IDEA? Andy Dancer’s connections could be useful to you After accepting Andy Dancer’s invitation, check Andy Dancers connections to see who else you may know and who you might want an introduction to. Building these connections can create opportunities in the future. © 2011, LinkedIn Corporation Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 10
  11. 11. What’s your threshold?You wouldn’t click on a random link… LinkedIn Andy Dancer has indicated you are a Friend I saw you attended my presentation at RSA today. I hope you found that useful and I wanted to reach out and connect in case you wanted any more information? - Andy Dancer …but what about something you were Accept View invitation from Andy Dancer expecting? WHY MIGHT CONNECTING WITH ANDY DANCER BE A GOOD IDEA? Andy Dancer’s connections could be useful to you After accepting Andy Dancer’s invitation, check Andy Dancers connections to see who else you may know and who you might want an introduction to. Building these connections can create opportunities in the future. © 2011, LinkedIn Corporation Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 11
  12. 12. People are the weakest link Education is essential to reduce the volume of successful attacks to a manageable level Copyright 2011 Trend Micro Inc.
  13. 13. The Rise of Android Threats in 2011 Copyright 2012 Trend Micro Inc.
  14. 14. How BIG will the Android Malwarebe in 2012? http://blog.trendmicro.com/how-big-will-the-android-malware-threat-be-in-2012/ • 1K: End of 2011! (60% increase rate month on month) • 10K: Middle of 2012! • 100K: End of 2012! Copyright 2012 Trend Micro Inc.
  15. 15. Stuxnet Source: http://threatinfo.trendmicro.com/vinfo/web_attacks/Stuxnet%20Malware%20Targeting%20SCADA%20Systems.html Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 15
  16. 16. Water pump control Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 16
  17. 17. Four stages of an attack Starting point for this phase Copyright 2011 Trend Micro Inc.
  18. 18. Four stages of an attack Starting point for this phase I own one PC Probably used by a Senior Manager The data on there is valuable But that’s just the start… Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 18
  19. 19. New security mantra… Too many attacks to stop Block at my network edge Treat my internal network as “safe” Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 19
  20. 20. New security mantra… Too many attacks to stop Keep Block at my network edge out what I can Treat my internal network as “safe” Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 20
  21. 21. New security mantra… Too many attacks to stop Don’t trust Keep out Block at my network edge internal machines what I can Treat my internal network as “safe” Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 21
  22. 22. New security mantra… Too many attacks to stop Clean trust internal Don’t out Keep internal Block at my network edge infection sources machines what I can Treat my internal network as “safe” Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 22
  23. 23. New security mantra… Too many attacks to stop So if I lose the Clean trust internal Don’t out Keep internal battle I don’t lose Block at my network edge infection sources machines what I can the war Treat my internal network as “safe” Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 23
  24. 24. Four stages of an attack Level ofdamage from advanced persistent threats Hours Days/ Weeks / Weeks / weeks months months Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 24
  25. 25. Four stages of an attack Level ofdamage from advanced persistent threats 1 Hours Days/ Weeks / Weeks / weeks months months Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 25
  26. 26. Four stages of an attack Level ofdamage from advanced persistent threats 1 Hours Days/ Weeks / Weeks / weeks months months Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 26
  27. 27. Four stages of an attack Level ofdamage from advanced persistent threats 1 Hours Days/ Weeks / Weeks / weeks months months Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 27
  28. 28. Protect my data Inside-out Security Smart Context aware Self-Secured Workload Local Threat Intelligence INSIDE-OUT DATA SECURITY When Timeline Aware Who Identity Aware Where Location Aware What Content AwareUser-defined Access Policies Encryption Copyright 2011 Trend Micro Inc. 28
  29. 29. So what does that look like? Outer Perimeter Valuable Server Inner Perimeters Valuable Server Endpoint Valuable Server Endpoint Copyright 2011 Trend Micro Inc. 29
  30. 30. Deep SecurityInner Perimeter for valuable assets Deep Packet Inspection Firewall Security Anti-Virus VM VM VM VM VM VM Log Inspection Hypervisor Integrity Monitoring Copyright 2011 Trend Micro Inc. 30
  31. 31. Deep Discovery Outer Perimeter Valuable Server Inner Perimeters Valuable Server Endpoint Valuable Server Endpoint Copyright 2011 Trend Micro Inc. 31
  32. 32. Deep Discovery Simulate Analyze Out of band network data feed of all Correlatenetwork traffic Detect Malicious Content and Communication Identify Attack Behaviour & Reduce False Positives Visibility – Real-time Dashboards Insight – Risk-based Analysis Action – Remediation Intelligence Copyright 2011 Trend Micro Inc.
  33. 33. Mobile App Reputation• Mobile App Reputation is a cloud-based technology that automatically identifies mobile threats based on app behavior Apps – Crawl & collect huge number of Android apps from various Android Markets – Identifies existing and brand new mobile malware Mobile App Issue – Identifies apps that may abuse privacy / device Reputation Identified resources • Malware? • Privacy Risk? • – World’s first automatic mobile app evaluation High Resource Consumption? service – Secure App Store & provide “peace of mind” No Issues for end users – Has been adopted by nDuoa, Nokia-Siemens Network. Copyright 2012 Trend Micro Inc.
  34. 34. Call 01628 400552www.trendmicro.co.uk Classification 4/17/2012 Copyright 2011 Trend Micro Inc. 34

×